VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,452 total · sorted by risk
  • CVE-2016-1773LowMar 24, 2016
    risk 0.21cvss 3.3epss 0.00

    The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files via unspecified vectors.

  • CVE-2026-20671LowFeb 11, 2026
    risk 0.20cvss 3.1epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may…

  • CVE-2025-43531LowDec 17, 2025
    risk 0.20cvss 3.1epss 0.00

    A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected…

  • CVE-2020-3894LowApr 1, 2020
    risk 0.20cvss 3.1epss 0.01

    A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory.

  • CVE-2017-2383LowApr 2, 2017
    risk 0.20cvss 3.1epss 0.00

    An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in the "APNs Server" component. It allows man-in-the-middle attackers to track…

  • CVE-2016-4583LowJul 22, 2016
    risk 0.20cvss 3.1epss 0.02

    WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.

  • CVE-2016-4740LowSep 18, 2016
    risk 0.19cvss 2.9epss 0.00

    Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors.

  • CVE-2025-43532LowDec 12, 2025
    risk 0.18cvss 2.8epss 0.00

    A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing malicious data…

  • CVE-2025-43365LowNov 4, 2025
    risk 0.18cvss 2.8epss 0.00

    A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26 and iPadOS 26. An unprivileged process may be able to terminate a root processes.

  • CVE-2025-43349LowSep 15, 2025
    risk 0.18cvss 2.8epss 0.00

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted video file…

  • CVE-2024-40864LowMar 31, 2025
    risk 0.18cvss 2.7epss 0.01

    The issue was addressed with improved handling of protocols. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.2, watchOS 11.2. An attacker in a privileged network position may be able to track a user's…

  • CVE-2024-54558LowMar 10, 2025
    risk 0.18cvss 2.8epss 0.00

    A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library.

  • CVE-2025-43410LowDec 12, 2025
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.2. An attacker with physical access may be able to view deleted notes.

  • CVE-2025-31216LowNov 21, 2025
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to override managed Wi-Fi profiles.

  • CVE-2025-43408LowNov 4, 2025
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An attacker with physical access may be able to access contacts from the lock screen.

  • CVE-2025-43350LowNov 4, 2025
    risk 0.16cvss 2.4epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker may be able to view restricted content from the lock screen.

  • CVE-2025-43309LowNov 4, 2025
    risk 0.16cvss 2.4epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen.

  • CVE-2025-30469LowMar 31, 2025
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4. A person with physical access to an iOS device may be able to access photos from the lock screen.

  • CVE-2025-24193LowMar 31, 2025
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos.

  • CVE-2024-44179LowMar 10, 2025
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a device may be able to read contact numbers from the lock screen.

  • CVE-2024-40839LowJan 15, 2025
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen.

  • CVE-2024-54485LowDec 12, 2024
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed by adding additional logic. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. An attacker with physical access to an iOS device may be able to view notification content from the lock screen.

  • CVE-2024-44265LowOct 28, 2024
    risk 0.16cvss 2.4epss 0.01

    The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An attacker with physical access can input Game Controller events to apps running on a locked device.

  • CVE-2024-44251LowOct 28, 2024
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen.

  • CVE-2024-40851LowOct 28, 2024
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen.

  • CVE-2024-44180LowSep 17, 2024
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen.

  • CVE-2024-44139LowSep 17, 2024
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen.

  • CVE-2024-40822LowJul 29, 2024
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, watchOS 10.6. An attacker with physical access to a device may be able to access contacts from the lock…

  • CVE-2024-27862LowJul 29, 2024
    risk 0.16cvss 2.4epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.6. Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled.

  • CVE-2024-27819LowJun 10, 2024
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to access contacts from the lock screen.

  • CVE-2024-27814LowJun 10, 2024
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed through improved state management. This issue is fixed in watchOS 10.5. A person with physical access to a device may be able to view contact information from the lock screen.

  • CVE-2024-27835LowMay 14, 2024
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to access notes from the lock screen.

  • CVE-2024-27803LowMay 14, 2024
    risk 0.16cvss 2.4epss 0.00

    A permissions issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to share items from the lock screen.

  • CVE-2024-23255LowMar 8, 2024
    risk 0.16cvss 2.4epss 0.01

    An authentication issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Photos in the Hidden Photos Album may be viewed without authentication.

  • CVE-2024-23240LowMar 8, 2024
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.

  • CVE-2024-0230LowJan 12, 2024
    risk 0.16cvss 2.4epss 0.01

    A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic.

  • CVE-2023-40529LowJan 10, 2024
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17 and iPadOS 17. A person with physical access to a device may be able to use VoiceOver to access private calendar information.

  • CVE-2023-42874LowDec 12, 2023
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2. Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard.

  • CVE-2022-46724LowAug 14, 2023
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen.

  • CVE-2023-32417LowJun 23, 2023
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features.

  • CVE-2023-32394LowJun 23, 2023
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. A person with physical access to a device may be able to view contact information from the lock screen.

  • CVE-2023-32390LowJun 23, 2023
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup.

  • CVE-2023-32365LowJun 23, 2023
    risk 0.16cvss 2.4epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.5 and iPadOS 16.5. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.

  • CVE-2022-46717LowApr 10, 2023
    risk 0.16cvss 2.4epss 0.00

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2. A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features

  • CVE-2022-32871LowApr 10, 2023
    risk 0.16cvss 2.4epss 0.00

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16. A person with physical access to a device may be able to use Siri to access private calendar information

  • CVE-2022-32879LowNov 1, 2022
    risk 0.16cvss 2.4epss 0.00

    A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen.

  • CVE-2022-32870LowNov 1, 2022
    risk 0.16cvss 2.4epss 0.00

    A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user with physical access to a device may be able to use Siri to obtain some call history information.

  • CVE-2022-32867LowNov 1, 2022
    risk 0.16cvss 2.4epss 0.00

    This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs.

  • CVE-2022-32872LowSep 20, 2022
    risk 0.16cvss 2.4epss 0.00

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen.

  • CVE-2022-26703LowMay 26, 2022
    risk 0.16cvss 2.4epss 0.00

    An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A person with physical access to an iOS device may be able to access photos from the lock screen.

Page 100 of 170